linux random capabilities ...

To: debian-security@lists.debian.org
Subject: linux random capabilities ...
From: Jean-Francois Dive <jef@linuxbe.org>
Date: Wed, 31 Jul 2002 19:51:03 +1000
Message-id: <[🔎] 20020731095103.GC458@gnoll.homeip.net>

hello people,

i was talking to a friend, and he was describing the inability of PC
based security devices to have proper pseudo-random number generation. 
This sounds to me that i needed some investigation. My general question 
is: does someone ever heard about any type of cryptographic attack using
flaws in the random number generation ? Is there (even therically) possibilites
to be able to guess those numbers ? I know that some protocols add some
more randomness (like ipsec, using the last cyphered block in the antropy
pool etc..), but i'd like to have a clear idea on how secure those
mechanims are. 

Finally, i read here and there some work on hardware random generation devices
(based on radio activity readings, or diods based devices or whatever), is
there anyone with some experience with those ? 

thanks,

cheers,


JeF

-- 
-> Jean-Francois Dive
--> jef@linuxbe.org

Reply to:

Follow-Ups:
- Re: linux random capabilities ...
  - From: Adam Olsen <rhamph@d2dc.net>
- Re: linux random capabilities ...
  - From: Sam Vilain <sam@vilain.net>

Prev by Date: Re: changelog.Debian and security advisories
Next by Date: Re: Some more port closing questions
Previous by thread: help
Next by thread: Re: linux random capabilities ...
Index(es):
- Date
- Thread